Lemmy

12468 readers

1 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago

MODERATORS

nutomic@lemmy.ml

Can instance admins see users' history of visited post? (reddthat.com)

submitted 1 year ago by Zeth0s@reddthat.com to c/lemmy@lemmy.ml

16 comments fedilink hide all child comments

As we are concerned about privacy, I am curious just to understand if lemmy can be at some point exploited by someone to profile its users.

you are viewing a single comment's thread
view the rest of the comments

[–] Zeth0s@reddthat.com 3 points 1 year ago (10 children)

Thanks. It would be interesting to understand if some anonymization technique could technically be created, and eventually implemented in the future.

Because it looks a pretty dangerous situation, given what people discuss on social media nowadays...

[–] fubo@lemmy.world 6 points 1 year ago (9 children)

That may not be possible with web technology.

Browsers send URLs to web servers. The web server has to have the URL the user wants in order to serve a response; and it has to know who the user is in order to check permissions (e.g. don't accept a moderation action from a user who is not a moderator).

This inherently creates an opportunity for the web server to record any details about that exchange.

[–] Zeth0s@reddthat.com 2 points 1 year ago (8 children)

What if database entries are encrypted, so that a person cannot match email and username with the requests in the urls?

Users' client create encryption key on client side. Would it make sense?

[–] LordXenu@lemm.ee 3 points 1 year ago (1 children)

This all happens before the database even gets asked for information. The web server will make a log of the requests as they come in before responding.

At minimum the web server needs to know where to send the data back to.

[–] Zeth0s@reddthat.com 1 points 1 year ago

Thanks, makes sense

load more comments (6 replies)